<?php
header("Content-type: text/xml");
include "config/config.inc.php";
include "Des.php";
include "config/QuickMySQL.php";
include "config/function.inc.php";
/*
 * 命令处理类
 */
class CmdServer{
	private $key	= 'www.sns.';
	/*
	 *	构造函数
	 */
	function __construct(){
		echo '<?xml version="1.0" encoding="UTF-8"?>';
	}
	/*
	 *	析构函数
	 */
	function __destruct(){
		
	}
	/*
	 *	获取xml=>des=>base64
	 */
	function GetXml(){
		// 从Client读取
		$data = isset($GLOBALS["HTTP_RAW_POST_DATA"]) ? $GLOBALS["HTTP_RAW_POST_DATA"]:'';
		if(empty($data)) {
			$data = file_get_contents('php://input');
			if(!$data){
				return '';	
			}
		}
		// 反解base64
		$des = new Des();
		
		return $des->decrypt($data, $this->key);
	}
	/*
	 *	解析命令
	 */
	function ParseCommand(){
		// 获取要发送的数据
		$xml = $this->GetXml();
		if(empty($xml)){
			echo "<Cmd><Code>-1</Code><Msg>Error request</Msg></Cmd>";
			return;	
		}
		// 解析命令
		$doc = simplexml_load_string($xml);
		if(!isset($doc->Type)){
			echo "<Cmd><Code>-2</Code><Msg>Error method</Msg></Cmd>";
			return;
		}
		// 调用相应的方法
		if( !method_exists($this, "On" . (string)$doc->Type) ){
			echo "<Cmd><Code>-3</Code><Msg>Not found method</Msg></Cmd>";
			return;	
		}
		// 检测服务器
		if(strcmp((string)$doc->Type, "NULL") == 0){
			echo "<Cmd><Code>0</Code><Msg>Ok</Msg></Cmd>";
			return;	
		}
		// 检测是否有效的cookie
		if(strcmp((string)$doc->Type, "Login") != 0){
			if(!$this->CheckCookie((string)$doc->Cookie)){
				echo "<Cmd><Code>-4</Code><Msg>Time out</Msg></Cmd>";
				return;
			}
		}
		
		$this->{"On" . (string)$doc->Type}($doc);
	}
	/*
	 *	登录命令
	 */
	function OnLogin($doc){
		$sql = "select count(*) from t_sys_user where user='" 
			. str_replace("'", "''", (string)$doc->User)
			. "' and passwd='" . str_replace("'", "''", (string)$doc->Pwd)
			. "'";
		if( QuickMySQL::getSelectCount($sql) < 1 ){
			echo "<Cmd><Code>-5</Code><Msg>Error user or password</Msg></Cmd>";
			return;
		}
		// 写入cookie
		$uuid = uuid();
		$sql = "insert into t_sys_session(user, cookie,ip,first_time,last_time) values"
			. "('" . str_replace("'", "''", (string)$doc->User)
			. "', '{$uuid}', '{$_SERVER["REMOTE_ADDR"]}', now(), now())";
		if(QuickMySQL::quickExecute($sql)){
			echo "<Cmd><Code>0</Code><Msg>Ok</Msg><Cookie>{$uuid}</Cookie></Cmd>";
			return;
		}
		
		echo "<Cmd><Code>-10</Code><Msg>mysql operator failed</Msg></Cmd>";
	}
	/*
	 *	检测cookie
	 */
	function CheckCookie($cookie){
		$sql = "select count(*) from t_sys_session where cookie='" . str_replace("'", "''", $cookie) 
			. "' and ip='{$_SERVER["REMOTE_ADDR"]}' and TIMESTAMPDIFF(minute, last_time, now())  < 30";
		if(QuickMySQL::getSelectCount($sql) < 1){
			return false;
		}
		
		$sql = "update t_sys_session set last_time=now() where cookie='{$cookie}'";
		QuickMySQL::quickExecute($sql);
		return true;
	}
	/*
	 *	执行SQL语句
	 */
	function OnExecute($doc){
		echo "<Cmd><Code>0</Code><Msg>Ok</Msg></Cmd>";
	}
}

?>